Veritas Storage Foundation Multiple Service Remote DoS (SYM08-004)

low Nessus Plugin ID 31862


The remote host contains an application that is affected by a denial of service issue.


Veritas Storage Foundation, a storage management solution from Symantec is installed on the remote host.

The installed version is reportedly affected by a denial of service vulnerability. By sending specially crafted IP packets to TCP port 4888, an unauthenticated attacker may be able to cause a denial of service condition and crash the scheduler service.

In addition the Administration service may also be affected by a heap overflow vulnerability.


Apply the appropriate patch as discussed in the vendor advisories above.

See Also

Plugin Details

Severity: Low

ID: 31862

File Name: veritas_storage_foundation_dos.nasl

Version: 1.15

Type: remote

Published: 4/15/2008

Updated: 11/15/2018

Risk Information


Risk Factor: Medium

Score: 5.9


Risk Factor: Low

Base Score: 3.3

Temporal Score: 2.4

Vector: CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:symantec:veritas_storage_foundation

Required KB Items: VERITAS/VeritasSchedulerService

Exploit Ease: No known exploits are available

Reference Information

CVE: CVE-2007-4516, CVE-2008-0638

BID: 25778, 27440

CWE: 20, 119